<?php
require_once("../../../class2.php");
require_once("../library/admin/adminapi.php");

// Access gate: a caller without the "P" permission is redirected to the
// site index and the script stops before any order handling runs.
if (!getperms("P")) {
    header("location:".e_BASE."index.php");
    exit;
}

// Admin-area auth include (what it enforces is not visible in this file).
require_once(e_ADMIN."auth.php");

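// Build $safe: every request parameter passed through the text parser's toDB() filter.
// The array is reset first so that nothing defined before this point (an included
// file, or register_globals on legacy PHP) can leave unfiltered entries in $safe.
// GET is merged after POST, so a GET parameter overrides a POST field of the same name.
// NOTE(review): toDB() presumably prepares values for database use; whether that also
// makes them safe to echo into HTML is not visible here - escape again on output.
$safe = array();
foreach ($_POST as $key => $value) {
    $safe[$key] = $tp->toDB($value);
}
foreach ($_GET as $key => $value) {
    $safe[$key] = $tp->toDB($value);
}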

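// Process the Form
// NOTE(review): both actions below change stored orders and are driven by parameters
// merged from GET and POST. No anti-CSRF token or request-method check is visible in
// this file - confirm the included admin framework enforces one, otherwise require a
// POST carrying a verified token before an order is edited or deleted.
if (isset($safe["edit"]) && $safe["edit"] == "edit") {
    // Absent fields are forwarded as null, which is what a missing key evaluated to
    // before (minus the notice). "completed"/"paid" are presumably checkboxes and are
    // then simply not sent when unticked.
    $order_id = isset($safe["order"]) ? $safe["order"] : null;

    $orders = e107shop_manage_orders($order_id);

    // Field 6 of the first returned row is compared against "paid" / "complete";
    // it is treated as null when the lookup returned no such row.
    $status = isset($orders[0][6]) ? $orders[0][6] : null;
    $finished = ($status == "paid" || $status == "complete");

    // An order already marked "complete" is never re-processed.
    if ($status != "complete") {
        e107shop_admin_process_order(
            $order_id,
            isset($safe["completed"]) ? $safe["completed"] : null,
            isset($safe["paid"]) ? $safe["paid"] : null
        );
    }
}

// Delete the order named by the "oo" parameter.
if (isset($safe["oo"])) {
    e107shop_delete_order($safe["oo"]);
}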

// Header menu template.
require_once("templates/top_menu.php");

// Order list:
//  - empty query string  -> e107shop_show_orders(6, '')
//  - "o" parameter given -> e107shop_show_orders(<o>, '')
// Any other request renders no list at this point.
if (e_QUERY == "" || isset($safe["o"])) {
    $orders = e107shop_show_orders((e_QUERY == "") ? 6 : $safe["o"], '');
    require_once("templates/order_list.php");
}

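// Display the form for a single order when a non-empty "a" parameter is present.
if (!empty($safe["a"])) {
    // A missing "p" is kept as null: it concatenates to order_number='' and is passed
    // to the helpers unchanged, as before, but without the undefined-index notice.
    $order_ref = isset($safe["p"]) ? $safe["p"] : null;

    // The WHERE fragment is assembled by string concatenation, so it relies entirely
    // on the toDB() pass over the request data having neutralised quotes in "p".
    // NOTE(review): confirm toDB() escapes for the SQL string context that
    // e107shop_show_orders() uses, or validate the order-number format here.
    $theorder = "order_number='".$order_ref."'";
    $orders = e107shop_show_orders(5, $theorder);

    // Field 6 of the first row drives the pre-ticked state of the form:
    // "paid" ticks one box, "complete" ticks both. Null when no row came back.
    // NOTE(review): $order_status, $completed and $coupon_used are only assigned on
    // some paths; confirm show_order.php tolerates them being unset.
    $status = isset($orders[0][6]) ? $orders[0][6] : null;
    if ($status == "paid") {
        $order_status = "checked='checked'";
    } else if ($status == "complete") {
        $order_status = "checked='checked'";
        $completed = "checked='checked'";
    }

    $display = e107shop_display_order($order_ref, 1);

    // Field 11 of the first row is kept as $coupon_used when it is non-empty.
    if (isset($orders[0][11]) && $orders[0][11] != "") {
        $coupon_used = $orders[0][11];
    }
    $display .= "</center>";

    // NOTE(review): the customer block is rendered as returned by
    // e107shop_get_cust_info() plus nl2br(); confirm that helper HTML-escapes the
    // stored customer fields before they reach tablerender().
    $customer = nl2br(e107shop_get_cust_info($order_ref));
    $ns->tablerender("Customers Details: ", $customer);
    require_once("templates/show_order.php");
}

// Admin-area footer include.
require_once(e_ADMIN."footer.php");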
